NEWS & INDUSTRY UPDATES

A study conducted by Accenture and AMA shows that a majority of physicians in the US have experienced a cybersecurity incident, including phishing, malware and inappropriate access by insiders.

From raising $30 million in 30 seconds to being endorsed by Paris Hilton or vanishing into thin air: anything is possible in the risky new world of cryptocurrency fundraising, but regulators are lurking.

The chairpersons of the House Science, Space, and Technology Committee and the House Oversight and Government Reform Committee on Monday sent a new letter (PDF) to Paulino Barros, the interim CEO of Equifax.

FEATURES, INSIGHTS // Compliance

Complacency is never a good thing, but in security it can have devastating effects. While it’s good to acknowledge progress, that should never stand in the way of staying ahead of the next potential threat.

Compliance is a byproduct of a solid security program – but that doesn’t mean it’s simple. Compliance can involve technical architecture and operational processes that many organizations simply don’t understand or don’t want to bother with.

In the era of the public cloud, when employees are frequently using consumerized applications to share and store data, it's time for security and risk professionals to adopt a new security thought paradigm that focuses on the insider threat that employees create, not solely on protecting data itself.

The Omnibus Rule that updated the Health Insurance Portability and Accountability Act (HIPAA) has the potential to be a game changer because of the things it says in writing, as well as some of the things that it doesn’t say.

2012 was an interesting year in security – publicity around breaches led to greater awareness than we’ve seen in years, encouraging many in the Federal sector to look into our corner of IT. So what will happen in IT Security 2013?